For Apple, This is the Year That Wasn't

2006: this is the year Apple were to make their infamous switch from Power to Intel. Fanboys were aghast: they'd been told for years how superior their hardware was, how inferior Intel's was, and now the company they'd offer their lives for were switching to inferior hardware? And suddenly claiming it was superior? Why? Had they been lied to all along? Were they being lied to now?

There wasn't much time to swallow that insult before the first calamity hit.

Oompa Loompa

The Oompa Loompa virus/worm/trojan hit in February 2006. Expertly crafted to assail Apple's lastest Tiger release of OS X, it poked into all the nooks and crannies of that hodgepodge system to wreak havoc and make the fanboys panic. And it worked.

Oompa Loompa hit first at the forum of the Mac Underground, and surprisingly did damage. This was the same forum where the Opener rootkit had been developed two years earlier. Many of the same names were still hanging around, and it was as if they'd not learned their lessons. The claim that it was pictures of Britney Spears' 'latest' proved adequate to get these 'hackers' to fall into the trap.

But the fun had just begun. Moving now to the ludicrous MacRumors forums, the author now claimed the deadly download had pictures of Apple's upcoming 'Leopard' release of OS X. And the fanboys at MacRumors - less equipped than the hackers at the Mac Underground, fell hook line and sinker - and started wailing like little wee babies. The end of the world had come, the sky was falling, etc.

Mission accomplished.

People at this site and elsewhere dug inside Oompa Loompa and searched for a solution. Finally such a solution was published here: lock down the input managers directory, and lock it down with special attributes that could not be reset other than in single user mode.

And all seemed well until this site received a polite comment explaining that OS X allowed for single user mode without a manual reboot - and that this was in fact the way the Opener rootkit had been able to proliferate.

[That polite comment, it turned out, came from the author of Opener, with whom this site had a dialogue for several months. See below. Ed.]

Opener

Opener was developed at the Mac Underground between March and October 2003. When it finally hit the media in October 2003, it was quickly dismissed, largely because Apple Maccie fanboys made wild dismissive claims such as it needing root access to run - which was of course absolutely ridiculous.

Opener exploited a gaping hole in OS X - a hole the author of Opener called not a hole but a crater - that allowed painless escalation to root - and to 'owning' any OS X box - by a simple unauthorised file operation.

And it further turned out that the author of Opener - and several others - had alerted Apple to this flaw years earlier. But Apple, in their infinite wisdom, had chosen to ignore it [sic]. Looking back at early releases of OS X, it was obvious that the 'Opener hole' had always been open.

The media buzz over Opener went on the better part of a month and was then forgotten, but the fact remains that it is the single biggest security hole ever in the history of modern operating systems. No operating system has ever offered such effortless escalation to superuser. None except OS X.

October 2003 came and went, as did the end of that year; the entire year 2004 came and went, and still no fix for the Opener hole; and in fact it wasn't until April 2005 that Apple silently - operative word 'silently' - patched it without ever admitting there had been a hole in the first place and absolutely without ever intimating how important it was the hole be plugged and - to add even more insult to injury - without ever offering retroactive security patches for people running older versions of the operating system.

'The media buzz over Opener went on the better part of a month and was then forgotten, but the fact remains that it is the single biggest security hole ever in the history of modern operating systems. No operating system has ever offered such effortless escalation to superuser. None except OS X.'

For the Apple patch worked only on Tiger, released 29 April 2005 - users of all prior releases were left in the lurch and never informed of the dangers they ran.

Opener was a study - a demonstration - of the lax security on OS X both on the part of Apple and on the part of third party software developers. Installing it and getting it to run was child's play; once installed and running it gleaned data and sensitive information such as passwords from the most unlikely places and forwarded it all on to a central repository.

The key to the success of Opener was its method of escalating to root, which it turns out does not need any authentication at all. Login hooks could be installed in the startup items directories with no authentication; both login and logout hooks must by definition run not only as root but as root in single user mode because again by definition there is no user logged in at either point.

Code running as root is powerful enough, but there are limitations; code running as root in single user mode has no limitations whatsoever. Opener could do anything it pleased and the system and its user would never be aware of it - and even if they knew would be powerless to stop it.

OS X boxes everywhere were being compromised by Opener, and especially people allowing remote access to their computers were compromised. And it was possible for hackers to see on remote systems if Opener was already installed, and they reported back that they'd personally seen thousands of victims. And when the targeted boxes were updated to the supposedly safe Tiger, nothing happened: Opener could disguise its presence and cover its tracks. Only fresh installs of Tiger were guaranteed to be safe.

And all through this Apple did nothing and the fanboys denied everything.

The Intel Boxes Arrive

And now the first x86 Apple boxes started leaving their Chinese factories, and soon it would become evident Apple and Intel both had cut all corners on quality. Intel had raced their 'Core Duo' through the design phase, leaving egregious flaws, and Apple reworked their PowerBook design for the new super-hot processor. Within a few days reports started filing in.

The Apple Defects domain was registered on 6 June 2006 and quickly became the one stop portal for all information on these abysmal products. To date Apple Defects list the following issues with the so called MacBook Pro.

MacInTouch eventually did a test of the MacBook Pro and all other Intel laptops and came to the conclusion that it was only the relatively rare 17 inch MacBook Pro model that had any chance of being a 'safe' purchase, but even this encouragement was qualified by the relatively few units that could be tested.

And when Apple released the diminutive MacBook as a successor to the iBook, all hell broke loose.

And it's indicative that despite the barrage of documentation and the staggering number of complaints Apple have only - and reluctantly - agreed to take a tentative look at three of all the above issues - and this after dismissing - and insulting - customers for months.

32 to 64 to 32?

The move to Intel also meant Apple had to back away from their move to 64-bit computing. The famous VA Tech cluster, once ranked as the fifth fastest computer in the world, needed 64-bit computing. The PowerPC 970 built by IBM was 64-bit but the new Intel 'Core Duo' processors were not.

Before the switch to Intel it was assumed all Apple computers would move to 64-bit and in fact all had, save the notebooks. At the top of the line was the Power Mac: it eventually housed dual PowerPC 64-bit CPUs. The home version, the iMac, got one PowerPC 64-bit CPU.

With the move to Intel Apple backed the iMac from 64-bit computing to the 32-bit Core Duo, something that puzzled pundits everywhere. On the off chance that shops preferred using iMacs for serious number crunching, what were they to do now?

The Power Mac at the top of the line had to stick with the PowerPC as Intel had no alternative offering. More and more Apple appear a seriously confused company.

The Open Source Gambit

NeXT's operating system - the system where things had to be perfect before release - devolved into Apple's OS X which was sculpted instead by market demands. NeXT was using an open source underbody, FreeBSD, a derivative of Berkeley Unix, the branch initiated by Ken Thompson on a sabbatical home to his alma mater. NeXT added a bit to the underbody with the MACH microkernel, but that was it.

Apple had long been the margin player in the greater scheme of things, but Tim Berners-Lee's invention of the 'world wide web' changed the rules of the game. And Microsoft had enjoyed a temporary market surge with their Windows NT but those in the know were already abandoning it and going back to Unix. Apple wanted to strike.

Rob Braun was both an employee of Apple and cofounder of the 'Open Darwin' project. Apple had to make additional - and not so trivial - changes to the NeXT underbody for all the 'beige box' functionality they felt incumbent to save. FreeBSD became Darwin and the code started going all over the place, but Apple insisted it was to be a completely open source project.

By early 2006 Rob Braun had had enough and started venting his woes and misery over the way Apple manipulated the market with their gambit. Apple had never meant their Darwin to be true open source, Braun told the planet - it was all a gambit to get a bigger market share with academia and the research community. Darwin failed on most points in fulfilling the promise and tenets of open source.

And now that everyone had seen how dangerous it could be to rely on a company like Apple to take care of security issues, citing in particular the Opener scandal that Apple ignored for several years, pundits were becoming sensitised to the fact that Unix itself was not enough - a company or organisation also needed a good security response model. And Apple had none.

Later in the year Rob Braun would close the Open Darwin project for good. Apple's foray into the world of open source and adequate security had been a lie, a sham.

iTunes 7

As if the above were not bad enough, iTunes 7 turned out to be a disaster - and now Apple were screwing with a much bigger demographic, for the overwhelming majority of iTunes users run Windows, not OS X.

And the flaws in iTunes 7 were so apparent within 48 hours that several online sources including the Sydney Morning Herald branded it a lemon.

This led to a number of additional embarrassing discoveries. Jupiter Research found most iPod users did not even use the Apple iTunes store. According to their report, only 20 tracks or 5% of all tracks on your average iPod come from Apple. Most users rip from their own CDs or download from filesharing sites. 83% of iPod owners don't regularly purchase digital music - if at all. Only a paltry 17% download often, and even for this group it's usually single tracks no more than once per month.

The Apple iTunes model is also under attack, as sites such as SpiralFrog finance royalty payments by having advertising and offering the tracks completely for free.

Back to Never-Was?

Apple would be absolutely nowhere without having lucked out with their MP3 player. Should this market be damaged they will be in for even tougher times. Maybe even back to 1996 and another dance with Chapter 11 - for Apple are hard determined to never break into mainstream computing. They want their fanboys and their 2% market share.

They can have it. Nobody wants their fanboys and a 2% market share doesn't mean a thing.